If I only have this config:
waf_cc_deny on rate=20r/30s duration=1m zone=waf:cc;
It works fine and limit rate 404 request.

But when I add the captcha mode, it doesn't limit rate 404 request anymore.
waf_captcha off prov=reCAPTCHAv3 file=path_to_/v3.html secret=xxxxxx;
waf_action cc_deny=CAPTCHA zone=waf:action;

Using LATEST 'Current' VERSION on Nginx 1.23.2, Ubuntu 22.04, Non-Docker.